plugin-creator

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requests full shell access to automate project scaffolding and validation tasks.
      • Evidence: SKILL.md grants Bash(cmd:*) permissions.
      • Evidence: references/plugin-creation-process.md describes executing npm run sync-marketplace and a local validation script ./scripts/validate-all.sh during the plugin generation flow.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates untrusted user input into generated files, which could influence downstream agents or tools.
      • Ingestion points: User-provided plugin name, description, and keywords captured during the 'generate', 'create', or 'scaffold' triggers defined in SKILL.md.
      • Boundary markers: Absent. There are no instructions or delimiters designed to isolate user input from the generated file structure.
      • Capability inventory: The skill possesses Write, Grep, and Bash(cmd:*) tools (as seen in SKILL.md), which could be misused if instructions hidden in generated files are subsequently executed.
      • Sanitization: While the skill mentions using jq for JSON syntax validation and a custom validation script, there is no evidence of content sanitization for natural language fields like descriptions (described in references/plugin-creation-process.md).
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 12, 2026, 01:08 AM